One of the blogs we monitor to keep our community aware of the latest scams is the Internet Crime Complaint Center.  A recent posting on that site focused on “CryptoLocker Ransomware”.  According to the FBI, CryptoLocker is a file encrypting Ransomware.  Businesses receive an email with alleged customer complaints and contains an attachment that when opened, appears as a window and is in fact a malware downloader. This downloader than downloads and installs the actual CryptoLocker malware.

The wording in the window states that important files have been encrypted using a unique public key generated for the computer. To decrypt the files victims need to obtain the private key. A copy of the private key is located on a remote server that will destroy the key after the specified time shown in the window. The attackers demand a ransom of $300.00 to be paid in order to decrypt the files.

According to the post, once the encryption of the files is complete, decryption is not feasible. To obtain the file specific Advanced Encryption Standard (AES) key to decrypt a file, victims need the private RSA key (an algorithm for public key cryptography) corresponding to the RSA public key generated for the victim’s system by the command and control server. However, this key never leaves the command and control server, putting it out of reach of everyone except the attacker. The recommended solution is to scrub your hard drive and restore encrypted files from a backup.

As with any virus or malware, the way to avoid it is with safe browsing and email habits. Specifically, in this case, be wary of email from senders you don’t know and never open or download an attachment unless you’re sure you know what it is and that it’s safe. Be especially wary of unexpected email from postal/package services and dispute notifications.

If you have been a victim of an internet scam, please file a complaint at www.ic3.gov.

For more on best practices to steer clear of identity theft and related scams, please visit www.hvshred.com

This week we use our blog to remind our community about a common scam.  Always be wary of automated voice messages when you pick up a call.  An ongoing scam is the one that alerts recipients that their debit cards are inactive, frozen, or locked.  Oftentimes, these calls repeat and have an official and insistent tone.

The automated system prompts listeners to press 1 to re-activate the card and, once the key is pressed, the robot asks for their card number and PIN.

If you get an automated call—HANG UP!

If you are concerned about any of your cards, contact your financial institution directly to verify.  Initiate all calls that involve sharing personally identifying information.  Those are best practices to deter identity thieves.

For more information on identity theft protection, please visit www.hvshred.com

It’s time again for another round of electronics recycling. As Co-Chair of the Dutchess County Regional Chamber’s Green Life Committee, I am happy to share that our Fall recycling days will be Friday (businesses) and Saturday (residential) November 1st and 2nd 10am-4pm at Recycle Depot 230 Van Wagner Road Poughkeepsie NY

Flyer for November 2013 Electronics Recycling

In 2012, thanks to the support of the local community, we safely and securely disposed of another 22 tons of unwanted monitors, printers, keyboards, VCR’s, batteries, cell phones, terminals, cables, fax machines, radios, modems, CRT’s, telephones, TV’s, CPU’s, copiers, typewriters and stereo equipment. We filled several more tractor trailers and box trucks and raised another $1600 for the Chamber Education Foundation. That brings us up to nearly 50 tons and over $3000 since we started doing this in October, 2011.

For more information, please visit www.hvshred.com

In this week of the launch of healthcare exchanges we turn to a regular go to for our Blog to publicize the most timely identity theft protection information is the The Identity Theft Resource Center (ITRC). In a recent article, the President & CEO Eva Velasquez voiced concerns regarding the potential for new scams concerning the implementation of the Health Insurance Exchange (HIE) websites as part of the Patient Protection and Affordable Care Act (aka Obamacare).

These exchanges are currently online with enrollment due to start on October 1st.
According to the Act, each state must implement insurance exchanges. These exchanges are to serve as online marketplaces (websites) for consumers to compare rates and make choices about which health insurance coverage is best for them. Each state has the ability to determine the best way to manage these exchanges in order to meet the needs of their uninsured residents.

The open enrollment period for these exchanges begins on October 1, 2013. There is huge potential for misinformation and misunderstanding with this new insurance exchange program. Consumers will now be mandated (or face a penalty come tax time) to purchase health insurance if they don’t have existing coverage. The official website, www.healthcare.gov will be used by the majority of the states. Use this URL as your starting point—this is the site dedicated by the government and will be the safest gateway to the marketplace.

Scams and fake websites will no doubt try to trick consumers into thinking that it is either the federal health exchange website or one of the alternative state websites. Without known and reliable sources, there exists a great opportunity for gaming of the Internet search engines to attract consumers to websites intent on harming them by eliciting the fraudulent collection of personal identifying information (PII). There is a need to present factual information about which websites represent the accredited websites for the new insurance exchanges.

As always, be mindful of whom you are sharing confidential information with.

For more on identity theft best practices visit www.hvshred.com

As a matter of practice, we use our blog to educate our community. Identity Theft Prevention is often a dim but necessary topic. In this case, it is more dim than usual. The cautionary story comes from identity theft on top of the heartbreaking loss of a loved one.

Recently in Virginia Beach, VA, the tragic death of an 18 year old young man was compounded by identity theft. Especially in such a case, identity theft is low on the list of concerns for the family. Unfortunately, it should be a priority one. In less than 8 weeks after Gregory Welch, an 18 year old, died in a car wreck his parents realized that his identity had been stolen.

Some tips for anyone assigned as an executor:
(1)Close all known financial accounts.
(2)Notify the credit-reporting agencies of the death.
(3)Check the credit report after six months and a year.

For more information on Identity Theft Prevention and best practices, please visit www.hvshred.com

The date is getting nearer so we want to make sure the word is out! The Poughkeepsie Arlington Rotary is holding a Community Shred Event hosted by LaGrange Pharmacy and Bridgeway Federal Credit at the new plaza at the junction of Routes 82 and 55 in LaGrangeville, NY. Only 3 more weeks to gather your confidential paperwork to take advantage of this great opportunity to securely dispose of your paperwork as well as support a great cause.

On-site shredding service will be provided by HV Shred, Inc from 9am-noon. 100% of the suggested $10 per box/bag donation will go to the community improvement projects run by the Poughkeepsie Arlington Rotary.

No need to worry about staples, paperclips, spiral notebooks, or even bank books. HV Shred’s high tech shredding knives can easily shred through all that. In addition, all the shredded paper is recycled helping to preserve and protect our local and global environment.

For more information, please contact Judith a (845) 705-7279

We’re looking forward to a big crowd so we can fully fund all the Poughkeepsie Arlington Rotary programs in the upcoming year.

Help us make it a success–and protect your identity and the earth as well!

See you Saturday, September 28th 9am-noon at 1520 Route 55 in LaGrangeville NY 12540

Here it is—Labor Day! Time to put away the bathing suits and get back into our business suits. As always, rule #1 when it comes to identity theft best practices is always be wary and mindful of scams.

One that never seems to go away and has the goal of scaring small-business owners and corporations into “so called compliance” is solicitations for preparing so-called required corporate records. The fee can be $125 or more for preparing the documents. A return envelope is often included. The paperwork looks legitimate and looks like it could be from a state government office.

It is nothing but garbage—our favorite advice is “shred it!”.

There have been reports of church leaders and sorority sisters getting similar forms, too. So if you received something in the mail because of some corporate affiliation, read it very, very carefully before sending any money. And definitely check with your accountant to double check legitimacy.

Regulators say solicitations are hitting small-business owners in several states.
The target is a small-business owner who is busy juggling many duties and may be tricked into thinking that some state government agency is requiring yet another form and another fee.

The so-called compliance solicitation can include a form called “2013 — Annual Corporate Records Form.” Accountants say the letter attempts to confuse unsuspecting business owners by using “official-looking documents.”
It’s misleading. Don’t fall for it. Again, our favorite advice is “Shred It!”

For more information on best practices regarding identity theft prevention and government compliance issues, please visit www.hvshred.com